sudo env_reset in FC5

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

 Hi,

 I'd like to enable the env_reset option in the sudoers config file by
default in FC5:


Defaults   env_reset
Defaults   env_keep = "COLORS DISPLAY EDITOR HOSTNAME HISTSIZE INPUTRC KDEDIR \
                       LESSOPEN LS_COLORS MAIL PS1 PS2 QTDIR SSH_ASKPASS USERNAME \
                       LANG LC_ADDRESS LC_CTYPE LC_COLLATE LC_IDENTIFICATION \
                       LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC \
                       LC_PAPER LC_TELEPHONE LC_TIME LC_ALL LANGUAGE LINGUAS \
                       _XKB_CHARSET"


Why? The reason is CVE-2005-4158, CVE-2006-0151 and probably a lot of
same bugs in future.

Comments & suggestion?

	Karel

-- 
Karel Zak <kzak@xxxxxxxxxx>

-- 
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux